CLAIMS 



What is claimed is: 

1 LA platform comprising: 

2 a processor; and 

3 a memory coupled to the processor, the memory including an isolated memory 

4 area containing a file checker executable by the processor, the file checker including (i) a 

5 file analyzer to perform a scan operation on a file to produce a scanning result and (ii) a 

6 signature generator to produce a digital signature chain including a digital signature 

7 having the scanning result. 



1 2. The platform of claim 1 , wherein the scan operation by the file checker is a 

2 virus detection function. 

1 3. The platform of claim 1 wherein the incoming file is prevented from being 

2 executed if the verified digital signature chain indicated an unacceptable file integrity. 

1 4. The platform of claim 1, wherein the incoming file is accessed if the 

2 verified digital signature chain indicates acceptable file integrity. 

1 5. The platform of claim 1 further comprising a first control unit coupled to 

2 both the processor and the memory. 

1 6. The platform of claim 5 further comprising a second control unit coupled 

2 to the first control unit and a token bus interface. 

1 7. The platform of claim 6 further comprising a non- volatile memory coupled 

2 to the second control unit. 

1 8. The platform of claim 6 further comprising input/output devices coupled 

2 to the second control unit. 



042390.P8096 



18 



Patent Application 



1 9. The platform of claim 2 wherein the file analyzer is one of a virus detector, 

2 an intrusion detector, and a file integrity checker. 

1 10. The platform of claim 1 wherein the signature generator comprises; 

2 an encryptor to encrypt the scanning result using a signature key; and 

3 a time stamper coupled to the encryptor to time stamp the encrypted result using a 

4 time indicator, the time stamped encrypted result corresponding to the digital signature. 

1 11. The apparatus of claim 1 0 wherein the time indicator is one of a calendar 

2 time and a version identifier of the scanner. 

1 12. The apparatus of claim 1 wherein the file is code. 

1 1 3 . A method comprising: 

2 determining whether a digital signature chain accompanies a file to be accessed; 

3 and 

4 verifying the digital signature chain of the file by determining (i) whether the file 

5 has an acceptable file integrity, and (ii) whether each signatory providing the digital 

6 signature chain is authorized. 

1 14. The method of claim 13 further comprising: 

2 precluding access to the file if the file has an unacceptable file integrity. 

1 15. The method of claim 1 4 further comprising: 

2 precluding access to the file if at least one signatory of the digital signature chain 

3 is unauthorized. 

1 16. The method of claim 1 3 , wherein prior to verifying the digital signature 

2 chain, the method further comprising: 

3 entering into isolated execution mode if the file does not have a corresponding 

4 digital signature chain; 
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5 analyzing an integrity of the file; and 

6 issuing the digital signature chain if the file has an acceptable file integrity. 



1 17. The method of claim 1 6 further comprising: 

2 issuing the digital signature chain with an indication that the file integrity is 

3 unacceptable if the integrity of the file is analyzed and determined to be unacceptable. 

1 18. The method of claim 1 3 further comprising: 

2 opening the file if the verified digital signature chain indicates an acceptable file 

3 integrity; and 

4 refusing to open the file if the verified digital signature chain indicates an 

5 unacceptable file integrity. 

1 1 9. A computer program embodied in a processor readable medium and 

2 executable by a processing unit, comprising: 

3 code for determining whether a digital signature chain accompanies a file to be 

4 accessed; and 

5 code for verifying the digital signature chain of the file by determining (i) whether 

6 the file has an acceptable file integrity, and (ii) whether each signatory providing the 

7 digital signature chain is authorized. 

1 20. The method of claim 19 further comprising: 

2 code for precluding access to the file if the file has an unacceptable file integrity. 

1 21. The method of claim 1 9 further comprising: 

2 code for precluding access to the file if at least one signatory of the digital 

3 signature chain is unauthorized. 
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